beautypg.com

Cookie-based authentication scenarios, Overview of scenarios, Chapter 4 – Google Search Appliance Managing Search for Controlled-Access Content User Manual

Page 67

background image

Google Search Appliance: Managing Search for Controlled-Access Content

67

Chapter 4

Cookie-Based Authentication
Scenarios

Chapter 4

This section provides detailed explanations of how selecting different options in the Admin Console
affects the process of cookie-based authentication.

Overview of Scenarios

Different organizations set up cookie-based authentication rules for the Google Search Appliance’s
Universal Login in a variety of different ways. The selections that you, as a search appliance
administrator, make by using the Admin Console depend on your system’s capabilities and your
organization’s requirements.

For example, an organization might have a relatively simple system where, when a user does not have
the correct credentials for a content server, the content server redirects the search appliance to a login
system for log in, then the login system’s server redirects the search appliance back to the content
server after login. This instance is described in “Scenario 1: Normal Forms Authentication” on page 72.

In a different organization, the system might be more complex. For example, the system might require
redirecting to one URL to get cookies and then to another URL to get a verified identity. This instance is
described in “Scenario 3: Cannot Use Universal Login Form and Need Identity Verified Silently” on
page 75.

Although this document does not cover every possible variation of setting up cookie-based
authentication rules, it provides the following scenarios, which represent just a few possible
configurations that might apply to your system’s capabilities and your organization’s requirements:

“Scenario 1: Normal Forms Authentication” on page 72

“Scenario 2: Cannot Use Universal Login Form” on page 73

“Scenario 3: Cannot Use Universal Login Form and Need Identity Verified Silently” on page 75

“Scenario 4: Cannot Provide a Sample URL” on page 76

“Scenario 5: Necessary Cookie is Available for Getting a Verified Identity” on page 77

“Scenario 6: Use an HTTP Basic Challenge to Get Cookies” on page 79

“Scenario 7: Use an NTLM HTTP Login Page to Get Cookies” on page 80